endpoint_type = "VPC_ENDPOINT" is deprecated / discontinued:
After May 19, 2021, you won’t be able to create a server using EndpointType=VPC_ENDPOINT in your AWS account if your account hasn’t already done so before May 19, 2021. If you have already created servers with EndpointType=VPC_ENDPOINT in your AWS account on or before February 21, 2021, you will not be affected. After this date, use EndpointType=VPC. For more information, see Discontinuing the use of VPC_ENDPOINT.
So in principle I should be using aws_transfer_server with endpoint_type = "VPC", but Terraform does NOT allow configuring the security groups when creating the aws_transfer_server resource. When creating an AWS Transfer server from the AWS console, it is actually possible to specify the security groups at creation.
So is there any workaround? So far I need to create the aws_transfer_server, look up the VPC endpoint ID that is created under the hood (in the AWS console), and manually edit the VPC endpoint in the AWS console to add the security group. So really I am adding the security group manually, outside Terraform. Of course I would prefer to manage the security group in Terraform as well. Is there any way?
I reported this as a feature request in "aws_transfer_server: allow security group · Issue #19872 · hashicorp/terraform-provider-aws · GitHub", but maybe somebody here has another idea on how to do it…